patchguard · GitHub Topics

Mattiwatti / EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time

patchguard efi UEFI bootkit driver Kernel signing Windows

C++ 2.05 k

25 天前

can1357 / ByePg

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.

patchguard Exploit Windows Kernel

C++ 881

6 年前

hfiref0x / UPGDSED

Universal PatchGuard and Driver Signature Enforcement Disable

patchguard kpp dse abandonware C

C 847

6 年前

FiYHer / InfinityHookPro

InfinityHookPro Win7 -> Win11 latest

hook patchguard rootkit Kernel driver win8 win10 win11

C++ 534

2 年前

KiFilterFiberContext / warbird-hook

Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard

microsoft-warbird patchguard

C++ 248

3 年前

kkent030315 / NoPatchGuardCallback

x64 Windows PatchGuard bypass, register process-creation callbacks from unsigned code

Windows Kernel patchguard kpp

C 205

4 年前

DErDYAST1R / NmiCallbackBlocker

Kernel Level NMI Callback Blocker

blocker bypass callback driver Exploit hvci ntoskrnl patchguard Project undetected Windows

C++ 103

10 个月前

zhutingxf / InfinityHookPro

InfinityHook 支持Win7 到 Win11 最新版本，虚拟机环境及物理机环境

hook patchguard

C++ 75

9 个月前

4l3x777 / dse_pg_bypass

DSE & PG bypass via BYOVD attack

byovd dse patchguard poc 逆向工程

C++ 52

1 年前

i32-Sudo / VulnerablePatchGuardExploit

A Vulnerable PatchGuard Exploit that can be used to disable PatchGuard on Runtime.

battleye bypass Exploit patchguard pg undetected working

C++ 15

1 年前

gmh5225 / QuickPGTrigger

The stress testing of your PG bypass [old school project]

pg patchguard

C++ 10

3 年前

DErDYAST1R / eprocess-dkom-unlinking

EPROCESS Unlinking example in "C" using DKOM Manipulation

e link ntoskrnl patchguard process undetected

C++ 9

10 个月前

PspExitThread / Kernel-Tools

Anti-Rootkit

ark anti-rootkit 工具 debugger driver drivers Kernel Windows dse hvci patchguard

4 个月前

ByteWhite1x1 / EDR-bypass-disable-PspNotifyEnableMask

A single byte modification in the kernel memory bypasses and disables all core functions of the AV/EDR security solutions

bypass patchguard

C 6

2 年前

sondernextdoor / Kairos

Kairos is a next-generation, red-team-oriented Windows kernel defense neutralization framework. It combines traditional runtime patching with UEFI persistence, hypervisor-level surveillance, and Secur...

bypass guard internals Kernel kpp patch patchguard protection Windows

C 5

3 个月前

DErDYAST1R / PsLoadedModuleList-Dkom-Unlinking

PsLoadedModuleList Unlinking through DKOM Manipulation

list module ntoskrnl patchguard process undetected

1 年前

dpcpointer / patchedguard

22h2 Windows patchguard runtime disabler.

bypass C++Kernel kpp patchguard runtime Windows

C 2

2 个月前

dpcpointer / pg-disabler

runtime patchguard disabler (win 10 & 11)

Kernel ntoskrnl patchguard wdk win10

C 2

13 天前

oxunem / NMIBlocker

Demonstration code for intercepting and disabling NMI handling on Intel CPUs in Windows kernel mode.

driver Kernel Windows block blocker bypass Exploit idt ntoskrnl patchguard undetected

C++ 1

1 个月前